[Dshield] Re: [Full-Disclosure] Port Blocking

Darren Gasser kaos at earthlink.net
Fri Jun 27 18:52:28 GMT 2003


Bjorn Stromberg wrote:
>Protecting users is no excuse for an ISP
> to not serve full, unabridged, wide-open internet access. If the users
> cannot handle this, they should pay someone to hold their hand.

With all due respect, you can't seriously be suggesting that every single
dialup, DSL, or cable modem user out there be required to hire a sysadmin to
secure their connection or become sufficiently trained to do it themselves.
Not gonna happen.  Not now, not ever.

In Ye Olden Days, the basic assumption was that the systems on the other end
of a TCP/IP connection were managed by someone who more or less knew what
they were doing.  This hasn't been the case for the last decade, though.  As
much as we may miss the Days Of Happy Memory, trying to run networks that
way now is dangerous and irresponsible.

Like it or not, the lusers, spammers, and other former BOFH-fodder now
control way too many TCP/IP endpoints, and it's up to the ISPs and transit
providers to protect themselves and the rest of the net from the ignorance
and/or malice of their customers.

-Darren




More information about the list mailing list